package com.kaluli.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter;

import com.kaluli.system.security.SimpleAuthenticationSuccessHandler;
import com.kaluli.system.security.SimpleRememberMeService;
import com.kaluli.system.security.SimpleUsernamePasswordAuthenticationProvider;
import com.kaluli.system.security.UserDetailsServiceImpl;

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

	@Override
	public void configure(WebSecurity web) throws Exception {
		web.ignoring().antMatchers("/res/**");
	}

	@Override
	protected void configure(HttpSecurity http) throws Exception {
		http.authorizeRequests().antMatchers("/login").permitAll()
//				.antMatchers("/login").permitAll()
//				.antMatchers("/home/**").permitAll()
				.antMatchers("/*").permitAll()
				.antMatchers("/*/*").permitAll()
				.antMatchers("/*/*/*").permitAll()
//				.antMatchers("/index.html").permitAll()
				// .antMatchers("/**").hasRole("AUDIT")
				// .antMatchers("/j_spring_security_check").permitAll()
				.antMatchers("**").hasAnyRole("USER")
				.and().formLogin().loginPage("/index.html").and().httpBasic();

		// http.authorizeRequests().anyRequest().permitAll().and().formLogin()
		// .loginPage("/login").permitAll();
		// .and().logout().permitAll();

		http.csrf().disable();

		UsernamePasswordAuthenticationFilter authFilter = new UsernamePasswordAuthenticationFilter();
		authFilter.setUsernameParameter("username");
		authFilter.setPasswordParameter("password");
		authFilter.setAuthenticationManager(authenticationManager());
		authFilter
				.setAuthenticationSuccessHandler(new SimpleUrlAuthenticationSuccessHandler(
						"/"));

//		SimpleUsernamePasswordAuthenticationFilter simpleAuthFilter = new SimpleUsernamePasswordAuthenticationFilter();
//		simpleAuthFilter.setAuthenticationManager(authenticationManager());

	

		RememberMeAuthenticationFilter rememberFilter = new RememberMeAuthenticationFilter(
				authenticationManager(), new SimpleRememberMeService());
		rememberFilter.setAuthenticationSuccessHandler(new SimpleAuthenticationSuccessHandler());
	
		http.addFilter(rememberFilter);
		http.addFilter(authFilter);
	}

	@Override
	protected void configure(AuthenticationManagerBuilder auth)
			throws Exception {
		auth.inMemoryAuthentication().withUser("user") // #1
		.password("123456").roles("USER").and().withUser("jc") // #1
//		.password("123456").roles("USER").and().withUser("sh") // #1
//		.password("123456").roles("AUDIT").and().withUser("admin") // #2
//		.password("123456").roles("XF").and().withUser("xf")
		.password("123456").roles("ADMIN", "USER","XF");
				auth.authenticationProvider(daoAuthenticationProvider());
		auth.authenticationProvider(simpleAuthenticationProvider());
	}

	@Bean
	public AuthenticationProvider daoAuthenticationProvider() {
		DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
//		provider.setPasswordEncoder(passwordEncoder)
		provider.setUserDetailsService(userDetailsService());
		return provider;
	}
	
	// @Bean
	// public UsernamePasswordAuthenticationFilter authFilter(
	// AuthenticationManager authenticationManager) throws Exception {
	// UsernamePasswordAuthenticationFilter authFilter = new
	// UsernamePasswordAuthenticationFilter();
	// authFilter.setUsernameParameter("username");
	// authFilter.setPasswordParameter("password");
	// authFilter.setAuthenticationManager(authenticationManager);
	// authFilter
	// .setAuthenticationSuccessHandler(new
	// SimpleUrlAuthenticationSuccessHandler(
	// "/"));
	// return authFilter;
	// }
	//
	// @Bean
	// public AuthenticationManager authenticationManager(
	// AuthenticationProvider daoAuthenticationProvider) throws Exception {
	// List<AuthenticationProvider> authenticationProviderList = new
	// ArrayList<AuthenticationProvider>();
	// authenticationProviderList.add(daoAuthenticationProvider);
	// AuthenticationManager authenticationManager = new
	// ProviderManager(authenticationProviderList);
	// return authenticationManager;
	// }
	//
	// @Bean
	// public AuthenticationProvider daoAuthenticationProvider(
	// UserDetailsService userDetailsService) {
	// DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
	// provider.setUserDetailsService(userDetailsService);
	// return provider;
	// }

	@Bean
	public AuthenticationProvider simpleAuthenticationProvider() {
		SimpleUsernamePasswordAuthenticationProvider provider = new SimpleUsernamePasswordAuthenticationProvider();
		provider.setUserDetailsService(userDetailsService());
		return provider;
	}

	@Bean
	public UserDetailsService userDetailsService() {
		return new UserDetailsServiceImpl();
	}

}
